Computer security researchers from The Johns Hopkins
University and Rice University today responded to an
electronic voting system vendor who attacked the
credibility of their study, which pointed to security flaws
that could allow tampering with election results. Diebold
Election Systems, whose software was evaluated by the
researchers, stated in a July 30 analysis that the company
did not believe the types of tampering suggested by the
researchers could occur.

"Our goal in this project was to call the public's
attention to some very serious security concerns that may
be overlooked in our rush to adopt new electronic voting
systems, problems that could jeopardize the integrity of
fair and open elections," said
Avi Rubin, technical
director of the
Information Security
Institute at Johns Hopkins and one of the authors of
the research paper. "Although
we were tempted to stand back
now and allow our elected officials and the public to come
to their own conclusions, we could not allow some of
Diebold's attacks on our research to go unchallenged. We
firmly stand behind our findings."

Technical director of the Information Security Institute at
JHU, Avi Rubin, center, with doctoral students Adam
Stubblefield (left) and Yoshi Kohno.Photo by Will Kirk

Rubin, Information Security Institute researchers
Yoshi Kohno and Adam Stubblefield, and Rice University
computer scientist Dan Wallach released a technical report
July 23 concerning security flaws in Diebold software that
had been posted on a public Web site. The report has
triggered a vigorous public discussion of electronic voting
involving state and local election supervisors, members of
Congress, technology researchers, members of the public and
electronic voting system vendors.

Johns Hopkins University news releases can be found on the
World Wide Web at
http://www.jhu.edu/news_info/news/
Information on automatic e-mail delivery
of science and medical news releases is available at the
same address.